Researchers Unveil Antivirus Bypass

Kara Reeder

Researchers at Matousec.com have published an attack tactic that bypasses the security protections of most current antivirus software.

 

According to Computerworld, Matousec calls the technique an "argument-switch attack." It involves an attacker swapping out benign code for malicious code between the moments when the security software issues a green light and the code actually executes. Matousec says more than 30 antivirus products are vulnerable to the attack, including ones from AVG, McAfee and Norton, eWEEK reports.

 

Alfred Huger, vice president of engineering at Immunet, is concerned by the attack:

This is definitely very serious. Probably any security product running on Windows XP can be exploited this way.

But McAfee is downplaying the severity:

Based on our initial review of the public documentation, we believe this is a complicated attack with several mitigating factors that make it unlikely to be a viable, real world, widespread attack scenario. The attack would require some level of existing access to the target computer, as the attack described by Matousec does not on its own bypass security software or allow malware to run.


Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data